| |
Vulnerability CVE-2023-41290
Published: 2024-04-26
Description: |
A path traversal vulnerability has been reported to affect QuFirewall. If exploited, the vulnerability could allow authenticated administrators to read the contents of unexpected files and expose sensitive data via a network.
We have already fixed the vulnerability in the following version:
QuFirewall 2.4.1 ( 2024/02/01 ) and later
|
Type:
CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))
References: |
https://www.qnap.com/en/security-advisory/qsa-24-17
|
|
|
Copyright 2024, cxsecurity.com
|
|
|